IDN Exploit In Firefox

Do Send Cover Letter Email Attachment This exploit affects all browsers except IE. It has to do with the International Domain Name [IDN] support in modern browsers. The attack allows an attacker/phisher to spoof the domain/URLs of businesses. How To Write A Paper On Racism There is a proof of concept document that will show you exactly what it can do; there is even an SSL connection that works as well, so much for a secure connection. Try it out before you apply the fix, but not in IE! There are several articles and workaround/fixes out there. I have been messing around with them all morning and here is the run down.

http://www.travelio.net/?college-essay-intro College Essay Intro
  1. There is a fix listed on Boing Boing. It says to type about:config in the address bar, find network.enableIDN and set it to false. This only works until you close Firefox and re-open it. Then the links at proof of concept will work again. It also broke my Macromedia News extension, don’t waste you time on this fix!
  2. Back up the compreg.dat file first, if you attempt this fix! There is another fix listed on tech.life.blogged. This one says to edit the compreg.dat file that is located in your profile directory, eg. On XP: C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\default.###\ Then you open the compreg.dat file in a text editor (I strongly suggest TextPad), find and modify the @mozilla.org/network/idn-service; 1,{62b778a6-bce3-456b-8c31-2865fbb68c91} line. Change the 1 to a 0 and save the file. I tried this fix and it works, but the post states it is a permanent fix and it is not. The problem is that if you install a extension the compreg.dat file is reloaded and the Dj Resume Layout 1 in @mozilla.org/network/idn-service; 1,{62b778a6-bce3-456b-8c31-2865fbb68c91} line is resored and the fix is lost. You will manually have to edit compreg.dat and change the Buy Term Papers And Essays 1 to a http://www.imvuoutfits.com/?fight-club-dissertation Fight Club Dissertation 0.
  3. The third fix I found at mozillaZine and advises to use AdBlocker to create a filter that will block any URL that uses characters that are outside the normal ASCII range. I have highlighted the steps to follow below:
  1. If you do not have Adblocker installed go here and install it!
  2. Once it is installed, in Firefox, goto Tools, Adblock, and open Preferences
  3. Important!! On the Preferences windows select Adblock Options and select Site Blocker: Hey Girl Do Your Homework Note: Site Blocking will now have a check next to it.
  4. In the New Filter input box enter the following text: /[^\x20-\xFF]/
  5. Select Add next the New Filter input box to add the rule. http://www.rainbowmediasolutionltd.com/professional-writing-services-for-personal-statements/ Professional Writing Services For Personal Statements Note: You will receive a Warning dialog when you select Add, just select OK to apply the filter.
  6. Select Done
  7. Go to the test page and select a link. The links will be blocked and should not load. Note: They had a paypal link but have since changed it. You still can see a nice sample of the domain spoofing.

You can find out more details about the attach from The state of homograph attacks document.